/*
 AMENDMENTS:
 DATE          NAME        VERSION     DESCRIPTION
--------       -----       -------     -----------
 13/02/2009    KCF       	1.0.0       1.UpdateSecLevel.java : Add Update Security Group Hierarchy Level
*/
package com.mbbmap.security.action;

import java.util.ArrayList;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

import com.mbbmap.app.EbppKeys;
import com.mbbmap.app.dao.SysLogDao;
import com.mbbmap.app.home.SecAccessHome;
import com.mbbmap.app.home.SecGroupHome;
import com.mbbmap.app.home.SysLogHome;
import com.mbbmap.app.manager.ConfigManager;
import com.mbbmap.security.dao.SecGroupLevelDao;
import com.mbbmap.security.dao.SecGroupsDao;
import com.mbbmap.util.Constants;
import com.mbbmap.util.EncryptionHelper;
import com.mbbmap.util.SecAccessHelper;
//import com.eremit.app.cus.business.comparator.*;
//20071204 : Added by Michael


/**
 *
 */
public final class UpdateSecLevelAction extends CommonDispatchAction {
    
    final String moduleCode = Constants.MDL_SEC_GROUP_LEVEL;

  /**
   * Account list
   */
  public ActionForward init(ActionMapping mapping,
    ActionForm form, HttpServletRequest request,
    HttpServletResponse response) throws Exception {

    HttpSession session = request.getSession(false);
	ArrayList arlSecGroupList = new ArrayList();
	ArrayList arlSecModuleList = new ArrayList();
	ArrayList secGroupAccessList = new ArrayList();
	String strESelectedGroupCode ="";
	String strEMerchant = (String) session.getAttribute(Constants.MERCHANT_KEY);
	String strMerchant = "";
	if ((strEMerchant != null) && (!strEMerchant.equals(""))){
		//strMerchant= EncryptionHelper.decrypt(strEMerchant,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strMerchant= strEMerchant;
	}else{
		strMerchant = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	if(!isTokenValid(request)){
		System.out.println("Token validation failed!");
		session.invalidate();
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}else{
		resetToken(request);
		System.out.println("Token validation passed!");
	}
	
	boolean accessAllow = SecAccessHelper.isAccessAllow(moduleCode, request);
	
	System.out.println("The access level is "+accessAllow);
	accessAllow = true;
	System.out.println("Changing the access level to "+accessAllow);
	
	if (!accessAllow) {
        return mapping.findForward(Constants.KEY_ACTION_MAPPING_ERR);
    }

	arlSecGroupList = SecGroupHome.getInstance().findSecGroupList(strMerchant);
	session.setAttribute(Constants.SECURITY_GROUP, arlSecGroupList);
	arlSecModuleList = SecGroupHome.getInstance().findSecModuleList(strMerchant);
	session.setAttribute(Constants.SECURITY_MODULE, arlSecModuleList);
	session.setAttribute(Constants.SELECTED_ACCESS_LIST, secGroupAccessList);
	session.setAttribute(Constants.SELECTED_SEC_GRP, strESelectedGroupCode);


    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
  }

  /**
   * Get Security Group Access list
   */
  public ActionForward getGroup(ActionMapping mapping,
    ActionForm form, HttpServletRequest request,
    HttpServletResponse response) throws Exception {

    HttpSession session = request.getSession(false);
	String strSelectedGroupCode ="";
	String strESelectedGroupCode = request.getParameter("selaccessgrp");
	System.out.println("UpdateSecLevelAction.java: getGroup");

	ArrayList arlSecGroupList = new ArrayList();
	ArrayList arlFilterSecLevelList = new ArrayList();
	ArrayList secGroupLevelList = new ArrayList();
	String strEMerchant = (String) session.getAttribute(Constants.MERCHANT_KEY);
	String strMerchant = "";
	if ((strEMerchant != null) && (!strEMerchant.equals(""))){
		//strMerchant= EncryptionHelper.decrypt(strEMerchant,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strMerchant= strEMerchant;
	}else{
		strMerchant = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	if(!isTokenValid(request)){
		System.out.println("Token validation failed!");
		session.invalidate();
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}else{
		resetToken(request);
		System.out.println("Token validation passed!");
	}
	
	boolean accessAllow = SecAccessHelper.isAccessAllow(moduleCode, request);
	if (!accessAllow) {
        return mapping.findForward(Constants.KEY_ACTION_MAPPING_ERR);
    }
	
	arlSecGroupList = SecGroupHome.getInstance().findSecGroupList(strMerchant);

	if ((strESelectedGroupCode != null) && (!strESelectedGroupCode.equals(""))){
		strSelectedGroupCode= sanitize(EncryptionHelper.decrypt(strESelectedGroupCode,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE)));
		//arlSecGroupList = SecGroupHome.getInstance().findSecGroupList(strMerchant);

		secGroupLevelList = SecAccessHome.getInstance().findSecGroupLevelList(strMerchant,strSelectedGroupCode);
		//This for loop is to get the Module Name of the Access Module.
		for(int i=0;i<secGroupLevelList.size();i++){
			//System.out.println("UpdateSecLevelAction.java: getGroup_002");
			SecGroupLevelDao secGrpLevelDao = (SecGroupLevelDao)secGroupLevelList.get(i);
			String tmpcGrpCode = "";
			tmpcGrpCode = secGrpLevelDao.getcGroupCode();
			//System.out.println("UpdateSecLevelAction.java: getGroup tmpcGrpCode" + tmpcGrpCode);
			if (tmpcGrpCode != null && !tmpcGrpCode.equals("")){
				for(int j=0;j<arlSecGroupList.size();j++){
					SecGroupsDao secgroupDao = (SecGroupsDao)arlSecGroupList.get(j);
					if (secgroupDao.getGroupCode().equals(tmpcGrpCode)){
						secGrpLevelDao.setChildGroupName(secgroupDao.getGroupName());
					}
				}
			}
		}
		//This loop is to get the Filter Security Module List.
		for(int k=0;k<arlSecGroupList.size();k++){
			SecGroupsDao secgroupDao = (SecGroupsDao)arlSecGroupList.get(k);
			String tmpGroupCode = secgroupDao.getGroupCode();
			int iFound = 0;
			for(int i=0;i<secGroupLevelList.size();i++){
				SecGroupLevelDao secGrpLevelDao = (SecGroupLevelDao)secGroupLevelList.get(i);
				if (secGrpLevelDao.getcGroupCode().equals(tmpGroupCode)){
					iFound = 1;
				}
			}
			if (iFound == 0){
				arlFilterSecLevelList.add(secgroupDao);
			}
		}
	}else{
		strSelectedGroupCode = "";
		strESelectedGroupCode = "";
	}
	session.setAttribute(Constants.SECURITY_GROUP, arlSecGroupList);
	session.setAttribute(Constants.SECURITY_CHILD_GROUP, arlFilterSecLevelList);
	session.setAttribute(Constants.SECURITY_GROUP_LEVEL, secGroupLevelList);
	session.setAttribute(Constants.SELECTED_SEC_GRP, strESelectedGroupCode);
    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
  }

  /**
   * Add Security Group Access list
   */
  public ActionForward addGroupLevel(ActionMapping mapping,
    ActionForm form, HttpServletRequest request,
    HttpServletResponse response) throws Exception {

    final String PROG_ID="UpdateSecLevelAction.addGroupLevel";
    HttpSession session = request.getSession(false);
	System.out.println("UpdateSecLevelAction.java: addGroupLevel");

	String strEMerchant = (String) session.getAttribute(Constants.MERCHANT_KEY);
	System.out.println("UpdateSecLevelAction.java: addGroupLevel strEMerchant : " + strEMerchant);
	String strMerchant = "";
	if ((strEMerchant != null) && (!strEMerchant.equals(""))){
		//strMerchant= EncryptionHelper.decrypt(strEMerchant,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strMerchant= strEMerchant;
	}else{
		strMerchant = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	if(!isTokenValid(request)){
		System.out.println("Token validation failed!");
		session.invalidate();
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}else{
		resetToken(request);
		System.out.println("Token validation passed!");
	}
	String strEncryptedUID = (String) session.getAttribute(Constants.LOGINID);
	System.out.println("UpdateSecLevelAction.java: addGroupLevel strEMerchant : " + strEMerchant);
	String strLoginID = "";
	if ((strEncryptedUID != null) && (!strEncryptedUID.equals(""))){
		//strLoginID= EncryptionHelper.decrypt(strEncryptedUID,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strLoginID= strEncryptedUID;
	}else{
		strLoginID = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}

	boolean accessAllow = SecAccessHelper.isAccessAllow(moduleCode, request);
	if (!accessAllow) {
        return mapping.findForward(Constants.KEY_ACTION_MAPPING_ERR);
    }

	String roleCode =(String) session.getAttribute(Constants.LOGON_USER_ROLE);
	if (roleCode == null || roleCode.trim().equals("")) {
	    return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	
	ArrayList arlSecGroupList = new ArrayList();
	ArrayList arlSecModuleList = new ArrayList();
	ArrayList arlFilterSecLevelList = new ArrayList();
	ArrayList secGroupAccessList = new ArrayList();
	ArrayList secGroupLevelList = new ArrayList();

	arlSecGroupList = SecGroupHome.getInstance().findSecGroupList(strMerchant);
	arlSecModuleList = SecGroupHome.getInstance().findSecModuleList(strMerchant);

	String strSelectedGroupCode = "";
	String strESelectedGroupCode = "";
	strESelectedGroupCode = request.getParameter("selaccessgrp");

	String strSelectedGroupLevel = "";
	String strESelectedGroupLevel = "";
	strESelectedGroupLevel = request.getParameter("sgrpLevel");

	System.out.println("UpdateSecLevelAction.java: addGroupLevel strESelectedGroupCode : " + strESelectedGroupCode);
	if ((strESelectedGroupCode == null) || (strESelectedGroupCode.equals(""))){
	    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
	}
	System.out.println("UpdateSecLevelAction.java: addGroupLevel strESelectedGroupLevel : " + strESelectedGroupLevel);
	if ((strESelectedGroupLevel == null) || (strESelectedGroupLevel.equals(""))){
	    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
	}
	
	// Activity log
	SysLogDao sysLogDao = new SysLogDao();
	sysLogDao.setActivityCode(Constants.ACT_CODE_SECURITY);
	sysLogDao.setAcctID(strMerchant);
	sysLogDao.setActivityName(PROG_ID);
	sysLogDao.setUserID(strLoginID);
	sysLogDao.setRole(roleCode);
	sysLogDao.setStatus(Constants.ACT_STATUS_SUCCESS);

	String strRetUpdate = "";
	if ((strESelectedGroupCode != null) && (!strESelectedGroupCode.equals(""))){
		strSelectedGroupCode= sanitize(EncryptionHelper.decrypt(strESelectedGroupCode,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE)));
		if ((strESelectedGroupLevel != null) && (!strESelectedGroupLevel.equals(""))){
			strSelectedGroupLevel= sanitize(EncryptionHelper.decrypt(strESelectedGroupLevel,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE)));
			sysLogDao.setUserField1("Selected Group Code="+strSelectedGroupCode + ", Add Child Group Code="+strSelectedGroupLevel);
			strRetUpdate = SecAccessHome.getInstance().addSecGroupLevel(strMerchant,strSelectedGroupCode,strSelectedGroupLevel,strLoginID);
			
			if (!strRetUpdate.equals(Constants.DB_YES)) {
			    sysLogDao.setStatus(Constants.ACT_STATUS_FAIL_GENERAL);
			}
			SysLogHome.getInstance().insertSysLog(sysLogDao);
		}
	}
	if ((strESelectedGroupCode != null) && (!strESelectedGroupCode.equals(""))){
		strSelectedGroupCode= sanitize(EncryptionHelper.decrypt(strESelectedGroupCode,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE)));
		secGroupLevelList = SecAccessHome.getInstance().findSecGroupLevelList(strMerchant,strSelectedGroupCode);
		//This for loop is to get the Module Name of the Access Module.
		for(int i=0;i<secGroupLevelList.size();i++){
			SecGroupLevelDao secGrpLevelDao = (SecGroupLevelDao)secGroupLevelList.get(i);
			String tmpcGrpCode = "";
			tmpcGrpCode = secGrpLevelDao.getcGroupCode();
			if (tmpcGrpCode != null && !tmpcGrpCode.equals("")){
				for(int j=0;j<arlSecGroupList.size();j++){
					SecGroupsDao secgroupDao = (SecGroupsDao)arlSecGroupList.get(j);
					if (secgroupDao.getGroupCode().equals(tmpcGrpCode)){
						secGrpLevelDao.setChildGroupName(secgroupDao.getGroupName());
					}
				}
			}
		}
		//This loop is to get the Filter Security Module List.
		for(int k=0;k<arlSecGroupList.size();k++){
			SecGroupsDao secgroupDao = (SecGroupsDao)arlSecGroupList.get(k);
			String tmpGroupCode = secgroupDao.getGroupCode();
			int iFound = 0;
			for(int i=0;i<secGroupLevelList.size();i++){
				SecGroupLevelDao secGrpLevelDao = (SecGroupLevelDao)secGroupLevelList.get(i);
				if (secGrpLevelDao.getcGroupCode().equals(tmpGroupCode)){
					iFound = 1;
				}
			}
			if (iFound == 0){
				arlFilterSecLevelList.add(secgroupDao);
			}
		}
	}else{
		strSelectedGroupCode = "";
		strESelectedGroupCode = "";
	}

	System.out.println("UpdateSecLevelAction.java: addGroupLevel strSelectedGroupCode : " + strSelectedGroupCode);
	System.out.println("UpdateSecLevelAction.java: addGroupLevel strMerchant : " + strMerchant);

	session.setAttribute(Constants.SECURITY_GROUP, arlSecGroupList);
	session.setAttribute(Constants.SECURITY_CHILD_GROUP, arlFilterSecLevelList);
	session.setAttribute(Constants.SECURITY_GROUP_LEVEL, secGroupLevelList);
	session.setAttribute(Constants.SELECTED_SEC_GRP, strESelectedGroupCode);
    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
  }


  /**
   * Remove Security Group Access list
   */
  public ActionForward remGroupLevel(ActionMapping mapping,
    ActionForm form, HttpServletRequest request,
    HttpServletResponse response) throws Exception {

    final String PROG_ID="UpdateSecLevelAction.remGroupLevel";
    HttpSession session = request.getSession(false);
	System.out.println("UpdateSecLevelAction.java: remGroupLevel");

	String strEMerchant = (String) session.getAttribute(Constants.MERCHANT_KEY);
	System.out.println("UpdateSecLevelAction.java: remGroupLevel strEMerchant : " + strEMerchant);
	String strMerchant = "";
	if ((strEMerchant != null) && (!strEMerchant.equals(""))){
		//strMerchant= EncryptionHelper.decrypt(strEMerchant,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strMerchant= strEMerchant;
	}else{
		strMerchant = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	if(!isTokenValid(request)){
		System.out.println("Token validation failed!");
		session.invalidate();
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}else{
		resetToken(request);
		System.out.println("Token validation passed!");
	}
	String strEncryptedUID = (String) session.getAttribute(Constants.LOGINID);
	System.out.println("UpdateSecLevelAction.java: remGroupLevel strEMerchant : " + strEMerchant);
	String strLoginID = "";
	if ((strEncryptedUID != null) && (!strEncryptedUID.equals(""))){
		//strLoginID= EncryptionHelper.decrypt(strEncryptedUID,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strLoginID= strEncryptedUID;
	}else{
		strLoginID = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}

	boolean accessAllow = SecAccessHelper.isAccessAllow(moduleCode, request);
	if (!accessAllow) {
        return mapping.findForward(Constants.KEY_ACTION_MAPPING_ERR);
    }

	String roleCode =(String) session.getAttribute(Constants.LOGON_USER_ROLE);
	if (roleCode == null || roleCode.trim().equals("")) {
	    return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}

	ArrayList arlSecGroupList = new ArrayList();
	ArrayList arlSecModuleList = new ArrayList();
	ArrayList arlFilterSecLevelList = new ArrayList();
	ArrayList secGroupAccessList = new ArrayList();
	ArrayList secGroupLevelList = new ArrayList();

	arlSecGroupList = SecGroupHome.getInstance().findSecGroupList(strMerchant);
	arlSecModuleList = SecGroupHome.getInstance().findSecModuleList(strMerchant);

	String strSelectedGroupCode = "";
	String strESelectedGroupCode = "";
	strESelectedGroupCode = request.getParameter("selaccessgrp");

	String strSelectedGroupLevel = "";
	String strESelectedGroupLevel = "";
	strESelectedGroupLevel = request.getParameter("sremlevel");

	System.out.println("UpdateSecLevelAction.java: addGroupAccess strESelectedGroupCode : " + strESelectedGroupCode);
	if ((strESelectedGroupCode == null) || (strESelectedGroupCode.equals(""))){
	    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
	}
	System.out.println("UpdateSecLevelAction.java: addGroupAccess strESelectedGroupLevel : " + strESelectedGroupLevel);
	if ((strESelectedGroupLevel == null) || (strESelectedGroupLevel.equals(""))){
	    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
	}

	// Activity log
	SysLogDao sysLogDao = new SysLogDao();
	sysLogDao.setActivityCode(Constants.ACT_CODE_SECURITY);
	sysLogDao.setAcctID(strMerchant);
	sysLogDao.setActivityName(PROG_ID);
	sysLogDao.setUserID(strLoginID);
	sysLogDao.setRole(roleCode);
	sysLogDao.setStatus(Constants.ACT_STATUS_SUCCESS);
	
	String strRetUpdate = "";
	if ((strESelectedGroupCode != null) && (!strESelectedGroupCode.equals(""))){
		strSelectedGroupCode= sanitize(EncryptionHelper.decrypt(strESelectedGroupCode,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE)));
		if ((strESelectedGroupLevel != null) && (!strESelectedGroupLevel.equals(""))){
			strSelectedGroupLevel= sanitize(EncryptionHelper.decrypt(strESelectedGroupLevel,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE)));
			sysLogDao.setUserField1("Selected Group Code="+strSelectedGroupCode + ", Remove Child Group Code="+strSelectedGroupLevel);
			strRetUpdate = SecAccessHome.getInstance().remSecGroupLevel(strMerchant,strSelectedGroupCode,strSelectedGroupLevel,strLoginID);
			if (!strRetUpdate.equals(Constants.DB_YES)) {
			    sysLogDao.setStatus(Constants.ACT_STATUS_FAIL_GENERAL);
			}
			SysLogHome.getInstance().insertSysLog(sysLogDao);
		}
	}
	if ((strESelectedGroupCode != null) && (!strESelectedGroupCode.equals(""))){
		strSelectedGroupCode= sanitize(EncryptionHelper.decrypt(strESelectedGroupCode,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE)));
		secGroupLevelList = SecAccessHome.getInstance().findSecGroupLevelList(strMerchant,strSelectedGroupCode);
		//This for loop is to get the Module Name of the Access Module.
		for(int i=0;i<secGroupLevelList.size();i++){
			SecGroupLevelDao secGrpLevelDao = (SecGroupLevelDao)secGroupLevelList.get(i);
			String tmpcGrpCode = "";
			tmpcGrpCode = secGrpLevelDao.getcGroupCode();
			if (tmpcGrpCode != null && !tmpcGrpCode.equals("")){
				for(int j=0;j<arlSecGroupList.size();j++){
					SecGroupsDao secgroupDao = (SecGroupsDao)arlSecGroupList.get(j);
					if (secgroupDao.getGroupCode().equals(tmpcGrpCode)){
						secGrpLevelDao.setChildGroupName(secgroupDao.getGroupName());
					}
				}
			}
		}
		//This loop is to get the Filter Security Module List.
		for(int k=0;k<arlSecGroupList.size();k++){
			SecGroupsDao secgroupDao = (SecGroupsDao)arlSecGroupList.get(k);
			String tmpGroupCode = secgroupDao.getGroupCode();
			int iFound = 0;
			for(int i=0;i<secGroupLevelList.size();i++){
				SecGroupLevelDao secGrpLevelDao = (SecGroupLevelDao)secGroupLevelList.get(i);
				if (secGrpLevelDao.getcGroupCode().equals(tmpGroupCode)){
					iFound = 1;
				}
			}
			if (iFound == 0){
				arlFilterSecLevelList.add(secgroupDao);
			}
		}
	}else{
		strSelectedGroupCode = "";
		strESelectedGroupCode = "";
	}

	System.out.println("UpdateSecLevelAction.java: remGroupLevel strSelectedGroupCode : " + strSelectedGroupCode);
	System.out.println("UpdateSecLevelAction.java: remGroupLevel strMerchant : " + strMerchant);


	session.setAttribute(Constants.SECURITY_GROUP, arlSecGroupList);
	session.setAttribute(Constants.SECURITY_CHILD_GROUP, arlFilterSecLevelList);
	session.setAttribute(Constants.SECURITY_GROUP_LEVEL, secGroupLevelList);
	session.setAttribute(Constants.SELECTED_SEC_GRP, strESelectedGroupCode);
    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
  }

}
